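/// <summary>
/// Authorizes the request before the action runs. The checks are evaluated in order and the
/// first one that fails redirects through RedirectLogin and stops - nothing below a denial is
/// evaluated, so a later check can never overwrite or soften an earlier denial:
///  1. actions accepted by Checkanonymous need neither a session nor a permission;
///  2. a request without a "LoginUser" session entry is sent to the login handler;
///  3. an [AjaxAction] action is authorized against the attribute's ForController/ForAction
///     pair, i.e. the permission of the target it serves, not of the invoked action;
///  4. a [UserCenter(Admin = true)] action requires loginuser.IsAdmin;
///  5. an action carrying none of [LoginAllow], [AjaxAction] or [UserCenter] is authorized
///     against the invoked controller/action.
/// Consequently a [LoginAllow] action, and a [UserCenter] action without Admin, only need a
/// logged-in session; no role permission is consulted for them.
/// </summary>
/// <param name="filterContext">The action context of the current request; must not be null.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="filterContext"/> is null.</exception>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    // Convert.ToString yields "" instead of throwing when a route value is absent, so a
    // malformed route ends in a permission denial below rather than an exception here.
    var controllerName = Convert.ToString(filterContext.RouteData.Values["controller"]);
    var actionName = Convert.ToString(filterContext.RouteData.Values["action"]);
    var monitorservice = new Enterprise.Invoicing.Service.AccountService(new AccountRepository());

    #region Disabled: configured allow-list of pages
    //// Pages stored in configuration would bypass every check below.
    //bool IsIgnored = false;
    //var path = filterContext.HttpContext.Request.Path.ToLower();
    //IList<string> allowPages = ConfigSettings.GetAllAllowPage();
    //foreach (string page in allowPages)
    //{
    //    if (page.ToLower() == path)
    //    {
    //        IsIgnored = true;
    //        break;
    //    }
    //}
    //if (IsIgnored)
    //    return;
    #endregion

    #region Disabled: hardware dongle check
    //Dog dog = new Dog(100);
    //// Read the string variable from the dog
    //dog.DogAddr = 0; // The address read
    //dog.DogBytes = 10; // The number of bytes read
    //dog.ReadDog();
    //if (dog.Retcode != 0)
    //{
    //    RedirectLogin(filterContext, "AutoNeedLogin", "未检测到加密锁!");
    //    return;
    //}
    #endregion

    // Step 1: anonymous actions are let through without any further check.
    if (Checkanonymous(filterContext))
    {
        return;
    }

    // Step 2: login check.
    if (filterContext.HttpContext.Session["LoginUser"] == null)
    {
        RedirectLogin(filterContext, "AutoNeedLogin", "");
        return;
    }

    // The permission checks read the user through SessionHelper. Should it disagree with
    // HttpContext.Session, or hold something that is not a LoginUser, treat the request as
    // not logged in instead of failing on a cast or null dereference further down.
    var loginuser = SessionHelper.GetSession("LoginUser") as LoginUser;
    if (loginuser == null)
    {
        RedirectLogin(filterContext, "AutoNeedLogin", "");
        return;
    }

    var descriptor = filterContext.ActionDescriptor;
    object[] isajax = descriptor.GetCustomAttributes(typeof(AjaxActionAttribute), true);
    object[] hasloginallow = descriptor.GetCustomAttributes(typeof(LoginAllowAttribute), true);
    object[] iscu = descriptor.GetCustomAttributes(typeof(UserCenterAttribute), true);

    // Step 3: [AjaxAction] - the permission of the declared target is checked, not the
    // permission of the ajax action itself, so the attribute mapping decides what is granted.
    if (isajax.Length >= 1)
    {
        var ajaxAttr = (AjaxActionAttribute)isajax[0];
        if (!monitorservice.CheckAjaxRight(loginuser.role_sn, ajaxAttr.ForController, ajaxAttr.ForAction))
        {
            DenyAccess(filterContext, loginuser, "无ajax访问权限", controllerName, actionName);
            return;
        }
    }

    // [UserCenter(Admin = true)] requires an administrator account.
    if (iscu.Length >= 1)
    {
        var centerAttr = (UserCenterAttribute)iscu[0];
        if (centerAttr.Admin && !loginuser.IsAdmin)
        {
            RedirectLogin(filterContext, "AutoNeedLogin", "需要管理员权限");
            return;
        }
    }

    // Step 4: an action with none of the three markers is authorized against the invoked
    // controller/action pair.
    if (hasloginallow.Length < 1 && isajax.Length < 1 && iscu.Length < 1)
    {
        if (!monitorservice.CheckAjaxRight(loginuser.role_sn, controllerName, actionName))
        {
            DenyAccess(filterContext, loginuser, "无访问权限", controllerName, actionName);
            return;
        }
    }
}

/// <summary>
/// Redirects a denied request to the login handler with <paramref name="message"/> and records
/// the denial against the user's id, naming the controller/action that was requested.
/// </summary>
private void DenyAccess(ActionExecutingContext filterContext, LoginUser loginuser, string message, string controllerName, string actionName)
{
    RedirectLogin(filterContext, "AutoNeedLogin", message);
    LogHelper.Info(loginuser.userid, "用户无:../" + controllerName + "/" + actionName + "的访问权限");
}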
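/// <summary>
/// Authorizes the request before the action runs. The checks are evaluated in order and the
/// first one that fails redirects through RedirectLogin and stops - nothing below a denial is
/// evaluated, so a later check can never overwrite or soften an earlier denial:
///  1. actions accepted by Checkanonymous need neither a session nor a permission;
///  2. a request without a "LoginUser" session entry is sent to the login handler;
///  3. an [AjaxAction] action is authorized against the attribute's ForController/ForAction
///     pair, i.e. the permission of the target it serves, not of the invoked action;
///  4. a [UserCenter(Admin = true)] action requires loginuser.IsAdmin;
///  5. an action carrying none of [LoginAllow], [AjaxAction] or [UserCenter] is authorized
///     against the invoked controller/action.
/// Consequently a [LoginAllow] action, and a [UserCenter] action without Admin, only need a
/// logged-in session; no role permission is consulted for them.
/// </summary>
/// <param name="filterContext">The action context of the current request; must not be null.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="filterContext"/> is null.</exception>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    // Convert.ToString yields "" instead of throwing when a route value is absent, so a
    // malformed route ends in a permission denial below rather than an exception here.
    var controllerName = Convert.ToString(filterContext.RouteData.Values["controller"]);
    var actionName = Convert.ToString(filterContext.RouteData.Values["action"]);
    var monitorservice = new Enterprise.Invoicing.Service.AccountService(new AccountRepository());

    #region Disabled: configured allow-list of pages
    //// Pages stored in configuration would bypass every check below.
    //bool IsIgnored = false;
    //var path = filterContext.HttpContext.Request.Path.ToLower();
    //IList<string> allowPages = ConfigSettings.GetAllAllowPage();
    //foreach (string page in allowPages)
    //{
    //    if (page.ToLower() == path)
    //    {
    //        IsIgnored = true;
    //        break;
    //    }
    //}
    //if (IsIgnored)
    //    return;
    #endregion

    #region Disabled: hardware dongle check
    //Dog dog = new Dog(100);
    //// Read the string variable from the dog
    //dog.DogAddr = 0; // The address read
    //dog.DogBytes = 10; // The number of bytes read
    //dog.ReadDog();
    //if (dog.Retcode != 0)
    //{
    //    RedirectLogin(filterContext, "AutoNeedLogin", "未检测到加密锁!");
    //    return;
    //}
    #endregion

    // Step 1: anonymous actions are let through without any further check.
    if (Checkanonymous(filterContext))
    {
        return;
    }

    // Step 2: login check.
    if (filterContext.HttpContext.Session["LoginUser"] == null)
    {
        RedirectLogin(filterContext, "AutoNeedLogin", "");
        return;
    }

    // The permission checks read the user through SessionHelper. Should it disagree with
    // HttpContext.Session, or hold something that is not a LoginUser, treat the request as
    // not logged in instead of failing on a cast or null dereference further down.
    var loginuser = SessionHelper.GetSession("LoginUser") as LoginUser;
    if (loginuser == null)
    {
        RedirectLogin(filterContext, "AutoNeedLogin", "");
        return;
    }

    var descriptor = filterContext.ActionDescriptor;
    object[] isajax = descriptor.GetCustomAttributes(typeof(AjaxActionAttribute), true);
    object[] hasloginallow = descriptor.GetCustomAttributes(typeof(LoginAllowAttribute), true);
    object[] iscu = descriptor.GetCustomAttributes(typeof(UserCenterAttribute), true);

    // Step 3: [AjaxAction] - the permission of the declared target is checked, not the
    // permission of the ajax action itself, so the attribute mapping decides what is granted.
    if (isajax.Length >= 1)
    {
        var ajaxAttr = (AjaxActionAttribute)isajax[0];
        if (!monitorservice.CheckAjaxRight(loginuser.role_sn, ajaxAttr.ForController, ajaxAttr.ForAction))
        {
            DenyAccess(filterContext, loginuser, "无ajax访问权限", controllerName, actionName);
            return;
        }
    }

    // [UserCenter(Admin = true)] requires an administrator account.
    if (iscu.Length >= 1)
    {
        var centerAttr = (UserCenterAttribute)iscu[0];
        if (centerAttr.Admin && !loginuser.IsAdmin)
        {
            RedirectLogin(filterContext, "AutoNeedLogin", "需要管理员权限");
            return;
        }
    }

    // Step 4: an action with none of the three markers is authorized against the invoked
    // controller/action pair.
    if (hasloginallow.Length < 1 && isajax.Length < 1 && iscu.Length < 1)
    {
        if (!monitorservice.CheckAjaxRight(loginuser.role_sn, controllerName, actionName))
        {
            DenyAccess(filterContext, loginuser, "无访问权限", controllerName, actionName);
            return;
        }
    }
}

/// <summary>
/// Redirects a denied request to the login handler with <paramref name="message"/> and records
/// the denial against the user's id, naming the controller/action that was requested.
/// </summary>
private void DenyAccess(ActionExecutingContext filterContext, LoginUser loginuser, string message, string controllerName, string actionName)
{
    RedirectLogin(filterContext, "AutoNeedLogin", message);
    LogHelper.Info(loginuser.userid, "用户无:../" + controllerName + "/" + actionName + "的访问权限");
}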